-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Glen,
On 11/20/14 3:31 PM, Glen Peterson wrote: > I never looked into jsvc. It sounds very interesting! To use a < > 1024 port as a non-root user, I've always used iptables to > redirect traffic to a higher-numbered port. When experimenting > with iptables on a remote server, I actually like to schedule a > reboot for 10 or 15 minutes, so that if I lock myself out, I can > just wait a bit, then get back in without bothering anyone. Some systems have "iptables-apply" which will save the existing rules, apply the new ones, and then pause for a predetermined amount of time so you can check to see that you can at least ssh back into the server. After that timeout, it will roll-back the new iptables rules unless you affirm that the changes should be saved. So you can avoid the reboot-schedule and then having to cancel it. It's just a bit more convenient. > I hope that helps. I have no idea about the pros and cons of > iptables vs. jsvc for this. I just know we were using iptables for > security already, so this was a convenient way around the "root < > 1024 port" restriction. iptables does get you around the port number restrictions which is most often the reason I hear of folks using jsvc. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJUb3XIAAoJEBzwKT+lPKRYa2MP/jgGw1xG48kEB+/3/6B9QD1K Dvf523PnOQA1GlnHIVnsABr7/LJmR/SCsOv3MPHt+il09JfA55XP76PO+ublNn5+ M09g/2xusRjK7F04O8g2wGYRBpVF3W6UIoR0xCzWo3TTVlTOxeJTi4QvGs4Hesmt X1CnqXtgwZjZ0cXO+G+JKSFTG9zWckpI6s4Op4s+jBdo8Nw7mSOy3NNgIjfyZ0Xo orc03eQnHfa2e0rYjB6lYZ2/tfiH0dZsP9qwAZmm63G1oGE+IAl9Z8VL2ze5G+xC HDtBCCZQG2Ccly9iwlH8wdZPJD03uz9XrCk+Wvj6maDjMuskU5a8qLlOfpWZqPJo Tg2i202pILY5YB/CJYBECqe7WK+8CUhyfiDnwNnmd3aolJylHj3imVweqbnbmtaQ dgZGbIBNzw777dNKRv2yMkjhJ+TipcYOYuBDIIUoOHyYwNx8onq0IUqmpFVOH9ZA +ZXtiII9co8EM5RMiXgXLvcbig56qilAsDrm6CoKCKZ0Y7juL0n5Oz2vfnT8AE88 bsAZzAOb9y4JvvH502H5YExxjLRna0IE+EZ3XsCHdEN8WjFGCe/fC4l/BWsmxE6Z 6BH+Tf+oK5bq14tU/VGtkk2VEA27E62weAGXu+PZei4roSvM4sGw6k8F6+jPgN75 3d5hACx4KQO/nifbdbzs =8D0+ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
